Pasquale Congiusti created CAMEL-23268:
------------------------------------------
Summary: [camel-jbang] Wrapper command potential security
permission issue
Key: CAMEL-23268
URL: https://issues.apache.org/jira/browse/CAMEL-23268
Project: Camel
Issue Type: Bug
Reporter: Pasquale Congiusti
The work done in https://github.com/apache/camel/pull/21978 may have introduced
a potential security permission problem [1]. This is setting a
`PosixFilePermission.OTHERS_EXECUTE` which is likely a too broad permission
allowing `OTHERS` execution permission which probably they don't need.
Please, review it and fix. If by any change this is the correct expected
privilege, add a comment note to exclude from sonar static code analysis.
[1]
https://sonarcloud.io/project/issues?impactSoftwareQualities=SECURITY&issueStatuses=OPEN%2CCONFIRMED&id=apache_camel&open=AZ0GN9CjMLjZL-UnzDjl
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
